<?php

/*
   *TestGuest Version1.0
   *=================================================
   *Copyright 2017-2018 xys
   *web:963908484
   *=================================================
   *Author:xys
   *Date:2017-7-5
   */

// Identify this entry script to the shared include files.
// IN_TG: presumably tested by the files under includes/ to refuse direct access
// (those files are not shown here; confirm).
define('IN_TG', true);
// SCRIPT: names the page this script renders.
define('SCRIPT', 'register');

// Start (or resume) the session; the captcha answer and the one-time form token are kept in it.
// NOTE(review): no cookie options are passed, and common.inc.php is only loaded after this
// call, so the HttpOnly / Secure / SameSite flags of the session cookie depend on php.ini.
// Confirm they are enabled there.
session_start();

// Load the shared bootstrap file.
require __DIR__ . '/includes/common.inc.php';


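// Handle a submitted registration form (POST to register.php?action=register).
// Any other request only issues a fresh one-time form token (else branch at the bottom).
if (isset($_GET['action']) && $_GET['action'] === 'register') {

	// Read every expected field through a whitelist, so that a missing field or an
	// array-valued field (e.g. username[]=x) reaches the validators as an empty string
	// instead of raising a warning or a type error inside them.
	$_post = array();
	foreach (array('code', 'uniqid', 'username', 'password', 'notpassword', 'question',
	               'answer', 'sex', 'face', 'email', 'qq', 'url') as $_name) {
		$_post[$_name] = (isset($_POST[$_name]) && is_string($_POST[$_name])) ? $_POST[$_name] : '';
	}

	// Fail closed when either side of the captcha / form-token comparison is absent.
	// _check_code() and _check_uniqid() are not shown on this page; if they compare loosely,
	// an empty submitted value would match a value that was never stored in the session.
	// The explicit exit covers the case where _alert_back() returns (its body is not shown).
	if (!isset($_SESSION['code'], $_SESSION['uniqid'])
		|| (string) $_SESSION['code'] === '' || (string) $_SESSION['uniqid'] === ''
		|| $_post['code'] === '' || $_post['uniqid'] === '') {
		_alert_back('验证码或表单令牌无效，请刷新页面后重试');
		exit;
	}

	// Captcha check: guards against automated registration and cross-site form posts.
	_check_code($_post['code'], $_SESSION['code']);

	// Load the field validators used below.
	include ROOT_PATH.'includes/register.func.php';

	// NOTE(review): the connection handle is read from the session; presumably common.inc.php
	// stores a fresh one on every request. Confirm, and prefer a plain variable for it.
	$_conn = $_SESSION['con'];

	// Validated copies of the submitted values.
	$_clean = array();
	// One-time form token: must equal the copy stored in the session when the form was served.
	// Per the original author's note the stored value is later reused to validate the login
	// cookie. NOTE(review): a value that has already been rendered into a form is a weak
	// long-lived credential; confirm how the login code uses it.
	$_clean['uniqid'] = _check_uniqid($_post['uniqid'], $_SESSION['uniqid']);
	// Second unique value, used to activate the account before the first login.
	$_clean['active'] = _sha1_uniqid();
	$_clean['username'] = _check_username($_post['username'], 2, 20);
	// NOTE(review): _check_password() is not shown. Confirm that it returns a password_hash()
	// digest rather than a plain or fast-hash (md5/sha1) value; the same applies to the
	// security answer below.
	$_clean['password'] = _check_password($_post['password'], $_post['notpassword'], 6);
	$_clean['question'] = _check_question($_post['question'], 2, 20);
	$_clean['answer'] = _check_answer($_post['question'], $_post['answer'], 2, 20);
	$_clean['sex'] = _check_sex($_post['sex']);
	$_clean['face'] = _check_face($_post['face']);
	$_clean['email'] = _check_email($_post['email'], 6, 20);
	$_clean['qq'] = _check_qq($_post['qq']);
	$_clean['url'] = _check_url($_post['url'], 40);

	// Values are bound as strings, which matches the quoted literals of the former
	// string-built statements (an empty value stays '' instead of becoming NULL).
	// NOTE(review): if the _check_* helpers SQL-escape their return values (addslashes /
	// mysqli_real_escape_string), remove that step there; with bound parameters it would
	// store literal backslashes.
	$_row = array_map('strval', $_clean);

	// Reject a user name that is already taken.
	// NOTE(review): this SELECT-then-INSERT sequence can race between two requests; only a
	// UNIQUE index on tg_user.dg_username makes the rule reliable.
	$_stmt = mysqli_prepare($_conn, 'SELECT dg_username FROM tg_user WHERE dg_username=? LIMIT 1');
	if (!$_stmt
		|| !mysqli_stmt_bind_param($_stmt, 's', $_row['username'])
		|| !mysqli_stmt_execute($_stmt)
		|| !mysqli_stmt_store_result($_stmt)) {
		// Keep the driver message in the server log; the client only sees a generic error.
		error_log('register.php: duplicate-username query failed: '
			.($_stmt ? mysqli_stmt_error($_stmt) : mysqli_error($_conn)));
		die('SQL错误');
	}
	$_taken = mysqli_stmt_num_rows($_stmt) > 0;
	mysqli_stmt_close($_stmt);
	if ($_taken) {
		_alert_back('对不起，此用户已被注册');
		exit;
	}

	// Insert the new user with bound parameters; no request data is spliced into the SQL text.
	$_ip = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
	$_stmt = mysqli_prepare($_conn,
		'INSERT INTO tg_user(
			dg_uniqid, dg_active, dg_username, dg_password, dg_question, dg_answer,
			dg_sex, dg_face, dg_email, dg_qq, dg_url, dg_reg_time, dg_last_time, dg_last_ip
		) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), NOW(), ?)');
	if (!$_stmt
		|| !mysqli_stmt_bind_param($_stmt, 'ssssssssssss',
			$_row['uniqid'], $_row['active'], $_row['username'], $_row['password'],
			$_row['question'], $_row['answer'], $_row['sex'], $_row['face'],
			$_row['email'], $_row['qq'], $_row['url'], $_ip)
		|| !mysqli_stmt_execute($_stmt)) {
		error_log('register.php: user insert failed: '
			.($_stmt ? mysqli_stmt_error($_stmt) : mysqli_error($_conn)));
		die('SQL执行错误');
	}
	mysqli_stmt_close($_stmt);

	// The form token and the captcha answer are single-use: drop them so the same
	// request cannot be replayed to create further accounts.
	unset($_SESSION['uniqid'], $_SESSION['code']);

	// Close the database connection.
	mysqli_close($_conn);
	// Redirect with a success message.
	_location('恭喜你，注册成功', 'index.php');
} else {
	// Plain page view: issue a new form token and remember it in the session.
	// NOTE(review): _sha1_uniqid() is not shown; confirm that it derives the value from a
	// CSPRNG (random_bytes) and not from a time-based uniqid().
	$_SESSION['uniqid'] = $_uniqid = _sha1_uniqid();
}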
?>



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<title>多用户留言系统--注册</title>

<?php
// Shared head markup (includes/title.inc.php; its contents are not shown on this page).
require ROOT_PATH . 'includes/title.inc.php';
?>

<script type="text/javascript" src="js/face.js"></script>
</head>
<body>

<?php
// Shared page header (includes/header.inc.php; its contents are not shown on this page).
require ROOT_PATH . 'includes/header.inc.php';
?>

<div id="register">
  <h2>会员注册</h2>
  <form  method="post" name="register" action="register.php?action=register">
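    <?php
    // One-time form token issued on the page view and compared with the session copy on submit.
    // It is HTML-escaped for the attribute context, and a missing session value renders as an
    // empty string instead of raising a warning.
    $_form_token = isset($_SESSION['uniqid'])
        ? htmlspecialchars((string) $_SESSION['uniqid'], ENT_QUOTES, 'UTF-8')
        : '';
    ?>
    <input type="hidden" name="uniqid" value="<?php echo $_form_token; ?>"/>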
    <dl>
        <dt>请认真填写一下内容</dt>
        <dd>用  户  名：<input type="text" name="username" class="text"/>（必填，至少两位）</dd>
        <dd>密       码：<input type="password" name="password" class="text"/>（必填，至少六位）</dd>
        <dd>确认密码：<input type="password" name="notpassword" class="text"/>（必填，同上）</dd>
        <dd>密码提示：<input type="text" name="question" class="text"/>（必填，至少两位）</dd>
        <dd>密码回答：<input type="text" name="answer" class="text"/>（必填，至少两位）</dd>
        <dd>性       别：<input type="radio" name="sex" value="男" checked="checked"/>男<input type="radio" name="sex" value="女" />女</dd>
        <dd class="face"><input type="hidden" name="face" value="face/1.jpg" /><img src="face/1.jpg" alt="头像选择"  id="faceimg"/></dd>
        <dd>电子邮件：<input type="text" name="email" class="text"/></dd>
        <dd>  Q Q  ：<input type="text" name="qq" class="text"/></dd>
        <dd>主页地址：<input type="text" name="url" class="text" value="http://"/></dd>
        <dd>验  证  码：<input type="text" name="code" class="text yzm"/><img src="code.php" id="code" /></dd>
        <dd><input type="submit" name="submit" value="注册"/></dd>
     </dl>
  </form> 


</div>






<?php
// Shared page footer (includes/footer.inc.php; its contents are not shown on this page).
require ROOT_PATH . 'includes/footer.inc.php';
?>
</body>
</html>